On Feb 22, 2010, at 5:48 PM, Stephen Kent wrote:
At 7:22 PM +0530 2/22/10, Syed Ajim Hussain wrote:
Hi Steve
According to me IPSEC/IKE should have intelligence by by-pass ND Traffic
when SA is not ready state without end-user intervention, and same
should be accepted by other
Yoav,
I did not mean to suggest that the SPD UI has to be a low level
interface that makes it difficult for users to achieve their secruity
goals. On the other hand, I would be surprised if any vendor's UI
really accepted English (or another human communication language).
So, despite the
On Feb 19, 2010, at 6:30 AM, Syed Ajim Hussain wrote:
Hi Yoav Nir All Group Member
Thanks for your quick response. I think, instead of user takes special
care by adding extra Rule to allow un-encrypted ND traffic(unicast) ,
There should be some RFC guidelines, such that IPSEC/IKE
At 10:00 AM +0530 2/19/10, Syed Ajim Hussain wrote:
Hi Yoav Nir All Group Member
Thanks for your quick response. I think, instead of user takes special
care by adding extra Rule to allow un-encrypted ND traffic(unicast) ,
There should be some RFC guidelines, such that IPSEC/IKE
Syed Ajim Hussain writes:
Thanks for your quick response. I think, instead of user takes special
care by adding extra Rule to allow un-encrypted ND traffic(unicast) ,
There should be some RFC guidelines, such that IPSEC/IKE protocol itself
can take care. It will be problem in
Hi All
IPv6 Peer1 -- IPv6 Peer 2
I have one question, for IKE IPv6 Solution.
Assume in IPsec6 Policy I have configure Source IPv6 Address and
Destination IPv6 Address as Traffic selector, now IPSEC SA is not yet
establish.
When IKE Triggers, SA
To: ipsec@ietf.org
Subject: [IPsec] IKE6 Negitaion when Peer Address ND not yet started.
Hi All
IPv6 Peer1 -- IPv6 Peer 2
I have one question, for IKE IPv6 Solution.
Assume in IPsec6 Policy I have configure Source IPv6 Address and
Destination IPv6 Address
Subject: RE: [IPsec] IKE6 Negitaion when Peer Address ND not yet started.
Hi, Syed Ajim.
In future please expand acronyms, because while it's safe to assume that
anyone reading this list knows what an SA is, not all of us are proficient
in IPv6 terminology.
Having said that, policies usually